Back-up and Authenticate StartSSL Personal Certificates, Part 2 of 4
Network Administration Sunday, March 02, 2014
Reading
Add Comment
Setup StartSSL Certificates: Personal Certificate Authentication, Part 2 of 4.
Last updated March 1st, 2014 by Steven JordanTakeaway: This article explains the role of StartSSL personal certificates. This is the second part in a four-part series on how to use StartSSL certificates.
Additional StartSSL articles:
1. Sign-up: Resister with StartSSL.
2. Personal Certificates: Back-up and authenticate to StartSSL with personal certificates.
3. New Cert: Generate the StartSSL certificate.
4. Windows Certificate Management: Import the StartSSL certificate into Windows.
Back up the personal certificate:
Your personal certificate represents your digital identity. Backup your personal certificate to keep your digital identity safe. You can use the backup file for disaster recovery and as a source to import the certificate to new devices and applications.
To export certificates from FireFox:
a.) Click on the Firefox Menu → Options → Options.
b.) From Options → Advanced → Certificates → View Certificates.
c.)
The Certificate Manager lists all personal certificates installed in
FireFox. Choose your StartSSL certificate and click on Backup.
d.) Choose a location to save the file. Choose a name for the file. Click Save and choose a Backup Password.
The backup password is very important. Every SSL certificate requires a
private key and a public key. The backup password is your private key
password.
Choose a
complex private key password. Use uppercase, lower case, numbers, and
symbols. Create a key password of substantial length. Store the key
password in a secure location. For example, KeyPass, is a popular method to generate and store private keys.
Offline storage is another secure approach for private key storage.
Bit-locker encrypted USB thumb drives are cheap and will prevent
compromise. Store the USB drive in a secure place. DO NOT use the
drive for anything other than its intended purpose.
Guard the key password and do not lose it. If someone obtains your
private key and password they can use it to impersonate you and access
encrypted resources.
e.)
The certificate and private key are saved as a single Personal
Information Exchange (PIF) file. You can use the PIF file and private
key password to install the certificate on additional applications and
devices.
You
can also import and export certificates into the Windows certificate
store for use with IE and Chrome. This step is optional and Firefox is
the recommended browser for administering your StartSSL account.
f.) The Internet Explorer Certificate Manager provides end-users a simple certificate tool: From the Control Panel → Internet Options → Content tab → Certificates .
Click the Import button from the Personal tab to start the Certificate Import Wizard. Likewise, highlight a certificate and click on Export to start the Certificate Export Wizard.
Network Administration Network Security PKI
0 Comments:
Post a Comment